Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add GLEAM_CACERTS_PATH env variable #3939

Draft
wants to merge 6 commits into
base: main
Choose a base branch
from
Draft

feat: add GLEAM_CACERTS_PATH env variable #3939

wants to merge 6 commits into from
+36 −2

Conversation

winstxnhdw
Copy link

@winstxnhdw winstxnhdw commented Dec 2, 2024
edited
Loading

Revival of #3459

Tagging @lpil as he was the previous reviewer.

Closes #3246

@winstxnhdw winstxnhdw force-pushed the feat/cacerts-env-var branch from 33063f4 to 56b73d5 Compare December 2, 2024 15:58
@winstxnhdw winstxnhdw marked this pull request as ready for review December 2, 2024 16:15
lpil
lpil reviewed Dec 2, 2024
View reviewed changes
Copy link
Member

@lpil lpil left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you!

It looks like these would be used for all HTTP requests rather than just for the Hex API. Is that what we want or would that be too restrictive if we wanted to make requests to other domains too?

How might we test this change?

compiler-cli/src/http.rs Outdated Show resolved Hide resolved
@lpil lpil marked this pull request as draft December 2, 2024 17:20
@winstxnhdw
Copy link
Author

winstxnhdw commented Dec 2, 2024
edited
Loading

It looks like these would be used for all HTTP requests rather than just for the Hex API. Is that what we want or would that be too restrictive if we wanted to make requests to other domains too?

Again, it seems standard to have the certificates apply to all HTTP requests. In fact, a partial application would be surprising and frustrating behaviour.

@winstxnhdw
Copy link
Author

Hey, any updates?

@lpil
Copy link
Member

lpil commented Dec 4, 2024

I just tested this and node does not silently discard the error, it emits an ugly looking warning.

Make it return an error if an error occurs, thank you.

@winstxnhdw
Copy link
Author

I just tested this and node does not silently discard the error, it emits an ugly looking warning.

Make it return an error if an error occurs, thank you.

I am not sure what you mean. I am returning an error. Can you describe how you reproduced that warning? I am not getting an issue on my end.

@lpil
Copy link
Member

lpil commented Dec 22, 2024
edited
Loading

I set the variable and then ran npm install.

We will be returning an error for invalid certs.

@winstxnhdw winstxnhdw marked this pull request as ready for review January 10, 2025 11:15
@winstxnhdw winstxnhdw force-pushed the feat/cacerts-env-var branch from f84c261 to 0f58cf5 Compare January 10, 2025 16:44
@winstxnhdw
Copy link
Author

Any ideas how I can propagate the error out of get_or_init?

lpil
lpil reviewed Jan 21, 2025
View reviewed changes
Copy link
Member

@lpil lpil left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You would need to not use get_or_init, or to handle the error at each place it is used.

@lpil lpil marked this pull request as draft January 21, 2025 17:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lpil lpil lpil left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add support to custom CA certificate stores
2 participants
@winstxnhdw @lpil